Bug in IsKerberosLogon ? - Kerberos

This is a discussion on Bug in IsKerberosLogon ? - Kerberos ; In 2.6.5 and 3.0, there IsKerberosLogon function appears in two formats,
one which appears to be broken.
In several source files, the IsKerberosLogon function appears as:
IsKerberosLogon(VOID)
{
PSECURITY_LOGON_SESSION_DATA pSessionData = NULL;
BOOL Success = FALSE;
if ( GetSecurityLogonSessionData(&amp;pSessionData) ) ...

The important difference is highlighted in red. The problem is that the
authentication package returned by LsaGetLogonSessionData returns an
LSA_UNICODE_STRING where the contents of the buffer is a wide-string.

But, in several instances, the code as highlighted in red, uses
single-byte functions which results in the string "K" being copied and
then compared to "Kerberos".

Altough lstrcmp( "Kerberos", "K" ) will return 0, this could also return
0 if the string was another word starting with "K".